CyberSec.Space Logo
Back to CVE Browser

CVE-2007-0496

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1050%
EPSS Percentile36.56th
PublishedJan 25, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the g_strRootDir parameter.

Affected Platforms (CPE)

πŸ“¦
Neon Labs

Neon Labs Website

<= 3.2

References & Advisories

πŸ”— http://osvdb.org/36797
πŸ”— http://www.vupen.com/english/advisories/2007/0268
πŸ”— https://www.exploit-db.com/exploits/3163
πŸ”— http://osvdb.org/36797
πŸ”— http://www.vupen.com/english/advisories/2007/0268
πŸ”— https://www.exploit-db.com/exploits/3163

Related Vulnerabilities

CVE-2007-182310.0

T-Mobile voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling N...

CVE-2007-195910.0

Unspecified vulnerability in the process_cmdent function in command.cpp in TinyMUX before 2.4 has unknown impact and attack vector...

CVE-2007-158710.0

templates/config/mail.tpl in Tim Soderstrom StatsDawg 0.92 allows remote attackers to execute arbitrary programs by specifying the...

CVE-2007-005710.0

Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a sh...